
5. REST APIs

Lorena Goldoni edited this page Jul 31, 2023 · 10 revisions

BuffaLogs REST APIs

Five views were implemented using DRF (Django REST Framework) to make it possible to query the charts data. In particular, the supplied APIs are:

| API's name | API result |
| --- | --- |
| users_pie_chart_api | It returns the association between the risk level and the number of users with that risk score |
| alerts_line_chart_api | |
| world_map_chart_api | |
| alerts_api | It returns |
| risk_score_api | It provides the association between user and risk level for the users whose risk changed in the requested timeframe |

Users pie chart API

API's name: users_pie_chart_api

Input: start and end datetime captured in the URL: users_pie_chart_api/start=...&end=...

Output: a JSON with user risk as keys and user count as value

Example:

{
 "No risk": 32,
 "Low": 2,
 "Medium": 86,
 "High": 4
}

Alerts line chart API

API's name: alerts_line_chart_api

Input: start and end datetime captured in the URL: alerts_line_chart_api/start=...&end=...

Output: a dictionary whose keys are datetimes and whose values are the number of alerts for that datetime, plus a "Timeframe" key naming the format used.

The data is formatted differently depending on the duration between the start and end times. There are three types of formats:

  • hour
  • day
  • month

Alerts line chart API - HOUR example

Request using start=2023-06-15T14:00:00Z and end=2023-06-15T16:00:00Z

{
 "Timeframe": "hour",
 "2023-06-15T14:00:00Z": 23,
 "2023-06-15T15:00:00Z": 43
}

The first value represents the number of alerts triggered between 14:00:00Z and 15:00:00Z. The second represents the number of alerts triggered between 15:00:00Z and 16:00:00Z.

Alerts line chart API - DAY example

Request using start=2023-06-15T00:00:00Z and end=2023-06-16T23:59:59Z

{
 "Timeframe": "day",
 "2023-06-15T": 434,
 "2023-06-16T": 23
}

Alerts line chart API - MONTH example

Request using start=2023-05-01T00:00:00Z and end=2023-06-31T23:59:59Z

{
 "Timeframe": "month",
 "2023-06": 4344,
 "2023-05": 2332
}

World map chart API

Input: start and end datetime captured in the URL: world_map_chart_api/start=...&end=...

Output: a JSON with the list of all countries (saved in the impossible_travel/dashboard/countries.json file) and the number of alerts triggered in that place.

Example:

{
 "ad": 0,
 "ae": 0,
 [ ... ]
 "sd": 43,
 "it": 10
}

Alerts API

Input: start and end datetime captured in the URL: alerts_api/start=...&end=...

Output: a JSON with a list of dictionaries, each of which contains the timestamp, username and rule of the alert triggered

Example:

[
	{
	 "timestamp": "2023-06-15T14:00:00Z",
	 "username": "Lorena Goldoni",
	 "rule_name": "Impossible travel detected"
	},
	{
	 "timestamp": "2023-06-15T14:30:00Z",
	 "username": "Lorena Goldoni",
	 "rule_name": "Login from new country"
	}
]

Risk Score API

Input: start and end datetime captured in the URL: risk_score_api/start=...&end=...

Output: a JSON with usernames as keys and the relative risk score as value

Example:

{
	"Lorena Goldoni": "No risk",
	"Lory Goldoni": "High"
}
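
As an added example (not part of the BuffaLogs code base), the following sketch joins the output of alerts_api and risk_score_api into a triage list sorted by risk level. The function names, the "unknown" label and the sample usernames are assumptions made for illustration; the sample responses are constructed in the shapes documented above.

```python
import json
from collections import defaultdict
from datetime import datetime

# Risk levels in ascending order, as named in the users_pie_chart_api example.
RISK_ORDER = ["No risk", "Low", "Medium", "High"]

def api_path(name, start, end):
    """Relative path in the form this page shows: <name>/start=...&end=... (UTC datetimes)."""
    fmt = "%Y-%m-%dT%H:%M:%SZ"
    return f"{name}/start={start.strftime(fmt)}&end={end.strftime(fmt)}"

def triage(alerts, risk_scores):
    """Join alerts_api and risk_score_api output; highest risk, then most alerts, first."""
    per_user = defaultdict(list)
    for alert in alerts:
        per_user[alert["username"]].append((alert["timestamp"], alert["rule_name"]))
    rows = []
    for user in set(per_user) | set(risk_scores):
        # risk_score_api only lists users whose risk changed in the window,
        # so a user can have alerts and still be missing from it.
        risk = risk_scores.get(user, "unknown")  # "unknown" is a label chosen here
        rank = RISK_ORDER.index(risk) if risk in RISK_ORDER else -1
        rows.append({"username": user, "risk": risk, "rank": rank,
                     "alerts": sorted(per_user.get(user, []))})
    rows.sort(key=lambda r: (-r["rank"], -len(r["alerts"]), r["username"]))
    return rows

# Constructed sample responses (not real data).
SAMPLE_ALERTS = json.loads("""[
  {"timestamp": "2023-06-15T14:30:00Z", "username": "alice", "rule_name": "Login from new country"},
  {"timestamp": "2023-06-15T14:00:00Z", "username": "alice", "rule_name": "Impossible travel detected"},
  {"timestamp": "2023-06-15T15:10:00Z", "username": "bob", "rule_name": "Login from new country"}
]""")
SAMPLE_RISK = json.loads('{"alice": "High", "carol": "Low"}')

if __name__ == "__main__":
    print(api_path("alerts_api", datetime(2023, 6, 15, 14), datetime(2023, 6, 15, 16)))
    for row in triage(SAMPLE_ALERTS, SAMPLE_RISK):
        print(f'{row["risk"]:8} {row["username"]:8} {len(row["alerts"])} alert(s)')
        for ts, rule in row["alerts"]:
            print(f"         {ts}  {rule}")
```

Users with alerts but no entry in the risk_score_api response are listed last with the "unknown" label, so they remain visible for review.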